The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Two Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
AT&T has posted a blog discussing the threat of malicious QR codes and how to mitigate them. Due to the ease of creation and the convenience of use, QR codes are a popular method organizations use to drive web traffic from the physical to the virtual. However, QR codes also engender trust, which can be abused by threat actors.
Talos has written a blog discussing ransomware code leaks and how they impact the threat landscape by making it easier for new threat actors to quickly build their own malware variants to deploy against potential victims.
Today, CISA, the National Security Agency (NSA), the FBI, and international partners published a joint Cybersecurity Advisory (CSA), 2022 Top Routinely Exploited Vulnerabilities.
This week, CISA and the Norwegian National Cyber Security Centre (NCSC-NO) released a joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-35078 and CVE-2023-35081 affecting Ivanti Endpoint Manager Mobile (EPMM) (formerly known as MobileIron Core). Threat actors can chain these vulnerabilities to gain initial, privileged access to EPMM systems and execute uploaded files, such as webshells.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The National Security Agency (NSA) has released a new Cybersecurity Technical Report (CTR) “Cisco Firepower Hardening Guide,” to assist network and system administrators with configuring these next generation firewalls (NGFWs).
Cofense shares recent analysis diving into a new phishing tactic that utilizes Google Accelerated Mobile Pages (AMP), an open-source HTML framework for browser and mobile websites. By using websites hosted on Google AMP URLs, threat actors are able to gain trust with users who think they are accessing a Google domain. This tactic is designed to steal login credentials of enterprise employees and has been successful at bypassing secure email gateways to reach users inboxes.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
